I am really trying to understand the issue.. Really. Eliezer On 07/01/2014 12:13 PM, Makkok wrote:
Hi Liam! Thanks for your reply. Its very interesting, because in the access.log file I see the correct things, GET POST request with both browsers. But when I start a tcpdump capture on the squid listening interface, only the traffic generated by Internet Explorer can be decrypted. The squid CA is inserted into the root CAs in firefox success, and I see firefox is using my cert, as the Internet Explorer does. I use dynamic ssl generation feature with ssl bump server first directive. ssl_bump server-first all https_port 3129 intercept ssl-bump generate-host-certificates=on dynamic_cert_mem_cache_size=4MB cert=/etc/MyCA.pem Thanks!
